1 /* 2 * PSA hashing layer on top of Mbed TLS software crypto 3 */ 4 /* 5 * Copyright The Mbed TLS Contributors 6 * SPDX-License-Identifier: Apache-2.0 7 * 8 * Licensed under the Apache License, Version 2.0 (the "License"); you may 9 * not use this file except in compliance with the License. 10 * You may obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, software 15 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 16 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 17 * See the License for the specific language governing permissions and 18 * limitations under the License. 19 */ 20 21 #ifndef PSA_CRYPTO_HASH_H 22 #define PSA_CRYPTO_HASH_H 23 24 #include <psa/crypto.h> 25 26 #include "md_wrap.h" 27 28 /** Calculate the hash (digest) of a message using Mbed TLS routines. 29 * 30 * \note The signature of this function is that of a PSA driver hash_compute 31 * entry point. This function behaves as a hash_compute entry point as 32 * defined in the PSA driver interface specification for transparent 33 * drivers. 34 * 35 * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value 36 * such that #PSA_ALG_IS_HASH(\p alg) is true). 37 * \param[in] input Buffer containing the message to hash. 38 * \param input_length Size of the \p input buffer in bytes. 39 * \param[out] hash Buffer where the hash is to be written. 40 * \param hash_size Size of the \p hash buffer in bytes. 41 * \param[out] hash_length On success, the number of bytes 42 * that make up the hash value. This is always 43 * #PSA_HASH_LENGTH(\p alg). 44 * 45 * \retval #PSA_SUCCESS 46 * Success. 47 * \retval #PSA_ERROR_NOT_SUPPORTED 48 * \p alg is not supported 49 * \retval #PSA_ERROR_BUFFER_TOO_SMALL 50 * \p hash_size is too small 51 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 52 * \retval #PSA_ERROR_CORRUPTION_DETECTED 53 */ 54 psa_status_t mbedtls_psa_hash_compute( 55 psa_algorithm_t alg, 56 const uint8_t *input, 57 size_t input_length, 58 uint8_t *hash, 59 size_t hash_size, 60 size_t *hash_length); 61 62 /** Set up a multipart hash operation using Mbed TLS routines. 63 * 64 * \note The signature of this function is that of a PSA driver hash_setup 65 * entry point. This function behaves as a hash_setup entry point as 66 * defined in the PSA driver interface specification for transparent 67 * drivers. 68 * 69 * If an error occurs at any step after a call to mbedtls_psa_hash_setup(), the 70 * operation will need to be reset by a call to mbedtls_psa_hash_abort(). The 71 * core may call mbedtls_psa_hash_abort() at any time after the operation 72 * has been initialized. 73 * 74 * After a successful call to mbedtls_psa_hash_setup(), the core must 75 * eventually terminate the operation. The following events terminate an 76 * operation: 77 * - A successful call to mbedtls_psa_hash_finish() or mbedtls_psa_hash_verify(). 78 * - A call to mbedtls_psa_hash_abort(). 79 * 80 * \param[in,out] operation The operation object to set up. It must have 81 * been initialized to all-zero and not yet be in use. 82 * \param alg The hash algorithm to compute (\c PSA_ALG_XXX value 83 * such that #PSA_ALG_IS_HASH(\p alg) is true). 84 * 85 * \retval #PSA_SUCCESS 86 * Success. 87 * \retval #PSA_ERROR_NOT_SUPPORTED 88 * \p alg is not supported 89 * \retval #PSA_ERROR_BAD_STATE 90 * The operation state is not valid (it must be inactive). 91 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 92 * \retval #PSA_ERROR_CORRUPTION_DETECTED 93 */ 94 psa_status_t mbedtls_psa_hash_setup( 95 mbedtls_psa_hash_operation_t *operation, 96 psa_algorithm_t alg ); 97 98 /** Clone an Mbed TLS hash operation. 99 * 100 * \note The signature of this function is that of a PSA driver hash_clone 101 * entry point. This function behaves as a hash_clone entry point as 102 * defined in the PSA driver interface specification for transparent 103 * drivers. 104 * 105 * This function copies the state of an ongoing hash operation to 106 * a new operation object. In other words, this function is equivalent 107 * to calling mbedtls_psa_hash_setup() on \p target_operation with the same 108 * algorithm that \p source_operation was set up for, then 109 * mbedtls_psa_hash_update() on \p target_operation with the same input that 110 * that was passed to \p source_operation. After this function returns, the 111 * two objects are independent, i.e. subsequent calls involving one of 112 * the objects do not affect the other object. 113 * 114 * \param[in] source_operation The active hash operation to clone. 115 * \param[in,out] target_operation The operation object to set up. 116 * It must be initialized but not active. 117 * 118 * \retval #PSA_SUCCESS 119 * \retval #PSA_ERROR_BAD_STATE 120 * The \p source_operation state is not valid (it must be active). 121 * \retval #PSA_ERROR_BAD_STATE 122 * The \p target_operation state is not valid (it must be inactive). 123 * \retval #PSA_ERROR_CORRUPTION_DETECTED 124 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 125 */ 126 psa_status_t mbedtls_psa_hash_clone( 127 const mbedtls_psa_hash_operation_t *source_operation, 128 mbedtls_psa_hash_operation_t *target_operation ); 129 130 /** Add a message fragment to a multipart Mbed TLS hash operation. 131 * 132 * \note The signature of this function is that of a PSA driver hash_update 133 * entry point. This function behaves as a hash_update entry point as 134 * defined in the PSA driver interface specification for transparent 135 * drivers. 136 * 137 * The application must call mbedtls_psa_hash_setup() before calling this function. 138 * 139 * If this function returns an error status, the operation enters an error 140 * state and must be aborted by calling mbedtls_psa_hash_abort(). 141 * 142 * \param[in,out] operation Active hash operation. 143 * \param[in] input Buffer containing the message fragment to hash. 144 * \param input_length Size of the \p input buffer in bytes. 145 * 146 * \retval #PSA_SUCCESS 147 * Success. 148 * \retval #PSA_ERROR_BAD_STATE 149 * The operation state is not valid (it must be active). 150 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 151 * \retval #PSA_ERROR_CORRUPTION_DETECTED 152 */ 153 psa_status_t mbedtls_psa_hash_update( 154 mbedtls_psa_hash_operation_t *operation, 155 const uint8_t *input, 156 size_t input_length ); 157 158 /** Finish the calculation of the Mbed TLS-calculated hash of a message. 159 * 160 * \note The signature of this function is that of a PSA driver hash_finish 161 * entry point. This function behaves as a hash_finish entry point as 162 * defined in the PSA driver interface specification for transparent 163 * drivers. 164 * 165 * The application must call mbedtls_psa_hash_setup() before calling this function. 166 * This function calculates the hash of the message formed by concatenating 167 * the inputs passed to preceding calls to mbedtls_psa_hash_update(). 168 * 169 * When this function returns successfully, the operation becomes inactive. 170 * If this function returns an error status, the operation enters an error 171 * state and must be aborted by calling mbedtls_psa_hash_abort(). 172 * 173 * \param[in,out] operation Active hash operation. 174 * \param[out] hash Buffer where the hash is to be written. 175 * \param hash_size Size of the \p hash buffer in bytes. 176 * \param[out] hash_length On success, the number of bytes 177 * that make up the hash value. This is always 178 * #PSA_HASH_LENGTH(\c alg) where \c alg is the 179 * hash algorithm that is calculated. 180 * 181 * \retval #PSA_SUCCESS 182 * Success. 183 * \retval #PSA_ERROR_BAD_STATE 184 * The operation state is not valid (it must be active). 185 * \retval #PSA_ERROR_BUFFER_TOO_SMALL 186 * The size of the \p hash buffer is too small. You can determine a 187 * sufficient buffer size by calling #PSA_HASH_LENGTH(\c alg) 188 * where \c alg is the hash algorithm that is calculated. 189 * \retval #PSA_ERROR_INSUFFICIENT_MEMORY 190 * \retval #PSA_ERROR_CORRUPTION_DETECTED 191 */ 192 psa_status_t mbedtls_psa_hash_finish( 193 mbedtls_psa_hash_operation_t *operation, 194 uint8_t *hash, 195 size_t hash_size, 196 size_t *hash_length ); 197 198 /** Abort an Mbed TLS hash operation. 199 * 200 * \note The signature of this function is that of a PSA driver hash_abort 201 * entry point. This function behaves as a hash_abort entry point as 202 * defined in the PSA driver interface specification for transparent 203 * drivers. 204 * 205 * Aborting an operation frees all associated resources except for the 206 * \p operation structure itself. Once aborted, the operation object 207 * can be reused for another operation by calling 208 * mbedtls_psa_hash_setup() again. 209 * 210 * You may call this function any time after the operation object has 211 * been initialized by one of the methods described in #psa_hash_operation_t. 212 * 213 * In particular, calling mbedtls_psa_hash_abort() after the operation has been 214 * terminated by a call to mbedtls_psa_hash_abort(), mbedtls_psa_hash_finish() or 215 * mbedtls_psa_hash_verify() is safe and has no effect. 216 * 217 * \param[in,out] operation Initialized hash operation. 218 * 219 * \retval #PSA_SUCCESS 220 * \retval #PSA_ERROR_CORRUPTION_DETECTED 221 */ 222 psa_status_t mbedtls_psa_hash_abort( 223 mbedtls_psa_hash_operation_t *operation ); 224 225 #endif /* PSA_CRYPTO_HASH_H */ 226